1 Cryptography and data security
Dorothy Elizabeth Robling Denning 
January 1982 Book 

Publisher: Addison-Wesley Longman Publishing Co., Inc. 


From the Preface (See Front Matter for full Preface) 

Electronic computers have evolved from exiguous experimental enterprises in the 1940s to 
prolific practical data processing systems in the 1980s. As we have come to rely on these 
systems to process and store data, we have also come to wonder about their ability to 
protect valuable data. 



Data security is the science and study of methods of protecting data in computer and 
communication systems from unauthorized disclosure ... 

2 On interdomain routing security and pretty secure BGP (psBGP)
P.C. van Oorschot, Tao Wan, Evangelos Kranakis 

July 2007 ACM Transactions on Information and System Security (TISSEC), volume 10 issue 3
Publisher: ACM Press 


It is well known that the Border Gateway Protocol (BGP), the IETF standard interdomain
routing protocol, is vulnerable to a variety of attacks, and that a single misconfigured or 
malicious BGP speaker could result in large-scale service disruption. In this paper, we 
present Pretty Secure BGP (psBGP)-a proposal for securing BGP, including an 
architectural overview, design details for significant aspects, and preliminary security and 
operational analysis. psBGP differs from other secur ... 

Keywords: BGP, authentication, certificates, interdomain routing, public-key 
infrastructure, secure routing protocols, trust 





3 Fine-grained control of security capabilities
Dan Boneh, Xuhua Ding, Gene Tsudik 

February 2004 ACM Transactions on Internet Technology (TOIT), Volume 4 issue 1 
Publisher: ACM Press


We present a new approach for fine-grained control over users' security privileges (fast 
revocation of credentials) centered around the concept of an on-line semi-trusted mediator 
(SEM). The use of a SEM in conjunction with a simple threshold variant of the RSA 
cryptosystem (mediated RSA) offers a number of practical advantages over current 
revocation techniques. The benefits include simplified validation of digital signatures, 
efficient certificate revocation for legacy systems and fast revocat ... 

Keywords: Certificate Revocation, Digital Signatures, Public Key Infrastructure 



4 Session M9: digital rights and marketing: Digital rights management using a mobile phone
Imad M. Abbadi, Chris J. Mitchell

August 2007 Proceedings of the ninth international conference on Electronic 
commerce ICEC '07 

Publisher: ACM Press 


This paper focuses on the problem of preventing illegal copying of digital assets without 
jeopardising the right of legitimate licence holders to transfer content between their own 
devices, which make up a domain. Our novel idea involves the use of a domain-specific 
mobile phone and the mobile phone network operator to authenticate the domain owner 
before devices can join a domain. This binds devices in a domain to a single owner, that, 
in turn, enables the binding of domain licences to the d ... 

Keywords: 3GPP GAA, DRM, access control, authorised domain management, copyright 
protection, trusted computing 



5 A public-key based secure mobile IP 

John Zao, Joshua Gahm, Gregory Troxel, Matthew Condell, Pam Helinek, Nina Yuan, Isidro 
Castineyra, Stephen Kent 

October 1999 Wireless Networks, volume 5 issue 5 
Publisher: Kluwer Academic Publishers 




6 General storage protection techniques: Securing distributed storage: challenges, techniques, and systems
Vishal Kher, Yongdae Kim 

November 2005 Proceedings of the 2005 ACM workshop on Storage security and survivability StorageSS '05
Publisher: ACM Press 


The rapid increase of sensitive data and the growing number of government regulations 
that require longterm data retention and protection have forced enterprises to pay serious 
attention to storage security. In this paper, we discuss important security issues related to 
storage and present a comprehensive survey of the security services provided by the 
existing storage systems. We cover a broad range of the storage security literature, 
present a critical review of the existing solutions, compare ... 

Keywords: authorization, confidentiality, integrity, intrusion detection, privacy

7 Access management for distributed systems: Peer-to-peer access control architecture using trusted computing technology
Ravi Sandhu, Xinwen Zhang

June 2005 Proceedings of the tenth ACM symposium on Access control models and technologies SACMAT '05
Publisher: ACM Press 


It has been recognized for some time that software alone does not provide an adequate 
foundation for building a high-assurance trusted platform. The emergence of industry- 
standard trusted computing technologies promises a revolution in this respect by providing 
roots of trust upon which secure applications can be developed. These technologies offer a 
particularly attractive platform for security in peer-to-peer environments. In this paper we 
propose a trusted computing architecture to enforce ac ... 

Keywords: access control, policy enforcement, security architecture, trusted computing 

8 Trustworthy 100-year digital objects: Evidence after every witness is dead 
Henry M. Gladney 

July 2004 ACM Transactions on Information Systems (TOIS), volume 22 issue 3 
Publisher: ACM Press 


In ancient times, wax seals impressed with signet rings were affixed to documents as 
evidence of their authenticity. A digital counterpart is a message authentication code fixed 
firmly to each important document. If a digital object is sealed together with its own audit 
trail, each user can examine this evidence to decide whether to trust the content— no 
matter how distant this user is in time, space, and social affiliation from the document's 
source. We propose an architecture and design that a ... 

9 Secure sessions for Web services
Karthikeyan Bhargavan, Ricardo Corin, Cedric Fournet, Andrew D. Gordon

May 2007 ACM Transactions on Information and System Security (TISSEC), volume 10 issue 2
Publisher: ACM Press 


We address the problem of securing sequences of SOAP messages exchanged between 
web services and their clients. The WS-Security standard defines basic mechanisms to 
secure SOAP traffic, one message at a time. For typical web services, however, using WS- 
Security independently for each message is rather inefficient; moreover, it is often 
important to secure the integrity of a whole session, as well as each message. To these 
ends, recent specifications provide further SOAP-level mechanisms. WS-S ... 

Keywords: Web services, XML security 

10 Practical byzantine fault tolerance and proactive recovery 
Miguel Castro, Barbara Liskov 

November 2002 ACM Transactions on Computer Systems (TOCS), volume 20 issue 4 



http://portal.acm.org/results.cfm?CFID=182659&CFTOKEN=53993405&adv=l&COLL=A... 9/20/07 



Results (page 1): +root +key, +digital ^certificate, +validation, ^updating, +shared +priva... Page 4 of 7 




Our growing reliance on online services accessible on the Internet demands highly 
available systems that provide correct service without interruptions. Software bugs, 
operator mistakes, and malicious attacks are a major cause of service interruptions and 
they can cause arbitrary behavior, that is, Byzantine faults. This article describes a new 
replication algorithm, BFT, that can be used to build highly available systems that tolerate 
Byzantine faults. BFT can be used in practice to implement re ... 

Keywords: Byzantine fault tolerance, asynchronous systems, proactive recovery, state 
machine replication, state transfer 



Publisher: ACM Press 



11 A public-key based secure mobile IP 

John Zao, Stephen Kent, Joshua Gahm, Gregory Troxel, Matthew Condell, Pam Helinek, Nina 
Yuan, Isidro Castineyra 

September 1997 Proceedings of the 3rd annual ACM/IEEE international conference on 
Mobile computing and networking MobiCom '97 

Publisher: ACM Press 





12 Strong password-only authenticated key exchange
David P. Jablon 

October 1996 ACM SIGCOMM Computer Communication Review, volume 26 issue 5 
Publisher: ACM Press 


A new simple password exponential key exchange method (SPEKE) is described. It belongs 
to an exclusive class of methods which provide authentication and key establishment over 
an insecure channel using only a small password, without risk of offline dictionary attack. 
SPEKE and the closely-related Diffie-Hellman Encrypted Key Exchange (DH-EKE) are 
examined in light of both known and new attacks, along with sufficient preventive 
constraints. Although SPEKE and DH-EKE are similar, the constraints a ... 

13 Secure communications between bandwidth brokers 
Bu-Sung Lee, Wing-Keong Woo, Chai-Kiat Yeo, Teck-Meng Lim, Bee-Hwa Lim, Yuxiong He, Jie 
Song 

January 2004 ACM SIGOPS Operating Systems Review, volume 38 issue 1
Publisher: ACM Press 


In the Differentiated Services (DiffServ) architecture, each domain has a Bandwidth Broker 
to provide the resources management, primarily bandwidth reservation. In a multi-domain 
environment, Simple Inter-domain Bandwidth Broker Signaling (SIBBS) protocol is 
proposed for the inter-domain communication protocol proposed for bandwidth broker 
communication. Since the information exchanged between BBs are sensitive in sense of 
Service Level Agreement (SLA), the communications between the inter-domai ... 

Keywords: Bandwidth Broker, Public Key Infrastructure, Simple Inter-domain Bandwidth 
Broker Signaling 

September 2001 Journal on Educational Resources in Computing (JERIC)
Publisher: ACM Press




15 Mobility support and location awareness: An approach to enhance inter-provider roaming through secret sharing and its application to WLANs
Ulrike Meyer, Jared Cordasco, Susanne Wetzel

September 2005 Proceedings of the 3rd ACM international workshop on Wireless 
mobile applications and services on WLAN hotspots WMASH '05 

Publisher: ACM Press 


In this paper, we show how secret sharing can be used to address a number of 
shortcomings in state-of-the-art public-key-based inter-provider roaming. In particular, 
the new concept does not require costly operations for certificate validation by the mobile 
device. It furthermore eliminates the need for a secure channel between providers upon 
roaming. We demonstrate the new approach by introducing a new protocol, EAP-TLS-KS, 
for roaming between 802.11i-protected WLANs. In addition, we show that ... 

Keywords: 802.11i, EAP-TLS-KS, PKI, WLAN, distributed DSS, inter-provider roaming,
micropayment scheme, secret sharing 




16 Certificate-based authorization policy in a PKI environment 
Mary R. Thompson, Abdelilah Essiari, Srilekha Mudumbai 

November 2003 ACM Transactions on Information and System Security (TISSEC), volume 6 issue 4
Publisher: ACM Press 


The major emphasis of public key infrastructure has been to provide a cryptographically 
secure means of authenticating identities. However, procedures for authorizing the holders 
of these identities to perform specific actions still need additional research and 
development. While there are a number of proposed standards for authorization structures 
and protocols such as KeyNote, SPKI, and SAML based on X.509 or other key-based 
identities, none have been widely adopted. As part of an effort to us ... 

Keywords: Public key infrastructure, XML, digital certificates 



17 Secure group management: Secure long term communities in ad hoc networks
Nicolas Prigent, Christophe Bidan, Jean-Pierre Andreaux, Olivier Heen 

October 2003 Proceedings of the 1st ACM workshop on Security of ad hoc and sensor 
networks SASN '03 

Publisher: ACM Press 


Until recently, ad hoc networks were mainly used for military and security-sensitive 
applications. Nowadays, they could also be used in SOHO (Small Office / Home Office) or 
home networks. In such networks, devices are linked by long term relations. To ensure 
their security, it is necessary to define precisely which devices belong to a given network 
and are consequently inside the security perimeter. The chosen mechanisms need to be 
easy to use, because the users of SOHO and home networks are nei ... 

Keywords: ad hoc networks security, home network security, secure long term
community 



18 Secure group management: Secure multicast groups on ad hoc networks
T. Kaya, G. Lin, G. Noubir, A. Yilmaz 

October 2003 Proceedings of the 1st ACM workshop on Security of ad hoc and sensor 
networks SASN '03 

Publisher: ACM Press 


In this paper we address the problem of secure multicast of data streams over a multihop 
wireless ad hoc network. We propose a dynamic multicast group management protocol 
that aims at solving problems that are specific to ad hoc networks such as mobility, 
unreliable links, and cost of multihop communication. The main idea is to have group 
members actively participate to the security of the multicast group, therefore reducing the 
communication and computation load on the source. Since the group s ... 

Keywords: MANET, multihop ad hoc, secure multicast, tracking 



19 Link and channel measurement: A simple mechanism for capturing and replaying wireless channels
Glenn Judd, Peter Steenkiste

August 2005 Proceeding of the 2005 ACM SIGCOMM workshop on Experimental 
approaches to wireless network design and analysis E-WIND '05 

Publisher: ACM Press 


Physical layer wireless network emulation has the potential to be a powerful experimental 
tool. An important challenge in physical emulation, and traditional simulation, is to 
accurately model the wireless channel. In this paper we examine the possibility of using 
on-card signal strength measurements to capture wireless channel traces. A key 
advantage of this approach is the simplicity and ubiquity with which these measurements 
can be obtained since virtually all wireless devices provide the req ... 

Keywords: channel capture, emulation, wireless 



20 T1-B: computer and network security symposium: Multiple personal security domains
Reinaldo Matushima, Yeda R. Venturini, Rony R. M. Sakuragui, Tereza C. M. B. Carvalho,
Wilson V. Ruggiero, Mats Naslund, Makan Pourzandi

July 2006 Proceedings of the 2006 international conference on Wireless 
communications and mobile computing IWCMC '06 

Publisher: ACM Press 


Mobility, usability and security are major requirements for any Ad Hoc network systems, 
and there have been numerous papers in regards to them. However, often these 
requirements are addressed separately. For a valid solution, these requirements must be 
considered from an integrated view. In this paper, taking into account mobility and 
usability, we implement a framework which allows to securely share resources and 
services between devices in Ad-hoc networks, based on security policies defined by ... 

Keywords: ad hoc, domains composition, personal networks, security domains, security 
enforcement layer, wireless networks 